<?php
session_start();
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    header('WWW-Authenticate: Basic realm="My Realm"');
    header('HTTP/1.0 401 Unauthorized');
    echo 'Text to send if user hits Cancel button';
    exit;
} else {

	$admin = false;
	$conn =  mysql_connect("localhost", "vandes4_root", 'root');
	
	if ($conn)	{
	
	 	$db=mysql_select_db('vandes4_PROJECT', $conn);
	 	
	 	if ($db)	{
	 	
	 		$query = "SELECT * FROM users WHERE username = '".$_SERVER['PHP_AUTH_USER']."';";
	 		$exec = mysql_query($query);
			$read = mysql_fetch_array($exec);	 		

	 		if ($read['password'] == MD5($_SERVER['PHP_AUTH_PW']))	{
	 			 		
			    echo "<p>Hello {$_SERVER['PHP_AUTH_USER']}.</p>";
    			if($read['admin'] == 1) 
    				$admin = true;
    				
    			include('users.php');	
    			include('content.php');
	 		
	 		}	else	{

	 			echo "Unauthorized<br />\n";
	 			echo $_SERVER['PHP_AUTH_USER'].":".$_SERVER['PHP_AUTH_PW']."<br />\n";
	 			header('HTTP/1.0 401 Unauthorized');
	 			exit();
	 		
	 		}
	 	
	 	}	else	{
	 	
	 		echo mysql_error();
	 	
	 	}
	
	}	else	{
	
		echo mysql_error();
	
	}

}

?>
